[plasmashell] [Bug 514263] New: [RFE] [Openconnect] nm plasma applet does not support PKCS11 usercerts

Wed, 07 Jan 2026 01:41:54 -0800 

https://bugs.kde.org/show_bug.cgi?id=514263

            Bug ID: 514263
           Summary: [RFE] [Openconnect] nm plasma applet does not support
                    PKCS11 usercerts
    Classification: Plasma
           Product: plasmashell
      Version First 6.5.4
       Reported In:
          Platform: Fedora RPMs
                OS: Linux
            Status: REPORTED
          Severity: wishlist
          Priority: NOR
         Component: Networks widget
          Assignee: [email protected]
          Reporter: [email protected]
  Target Milestone: 1.0

***
If you're not sure this is actually a bug, instead post about it at
https://discuss.kde.org

If you're reporting a crash, attach a backtrace with debug symbols; see
https://community.kde.org/Guidelines_and_HOWTOs/Debugging/How_to_create_useful_crash_reports

Please remove this comment after reading and before submitting - thanks!
***

SUMMARY
I have my openconnect VPN user certificate stored in a PKCS11 tpm2 store. 
When creating the connecting in the plasma nm gui I can only choose a usercert
from file. There is no integration for specifying a PKCS11 certifiate. That
works fine using gnome nm-connection-editor.

another thing is that once I have created the connection using
nm-connection-editor then starting it from plasma nm applet it will not ask for
the pin and report certificate not available.

STEPS TO REPRODUCE
1. have a PKCS11 certificate on tpm store or smartcard
2. create a vpn connecting and try to add that certificate for user certificate
using plasma nm applet
3. If nm vpn connection was created using gnome connecting editor try to enable
the connecting, it will fail as no pin is prompted

OBSERVED RESULT
- unable to select PKCS11 cert for usercert
- nm openconnect vpn connection fails with error:
Error loading certificate from PKCS#11: The requested data were not available.

EXPECTED RESULT
- usercert dialogue shows available PKCS11 certs in addition to select cert
from file.
- pin for PKCS11 cert is prompted so cert can be used

SOFTWARE/OS VERSIONS
Operating System: Fedora Linux 43
KDE Plasma Version: 6.5.4
KDE Frameworks Version: 6.21.0
Qt Version: 6.10.1
Kernel Version: 6.17.12-300.fc43.x86_64 (64-bit)
Graphics Platform: Wayland

ADDITIONAL INFORMATION

-- 
You are receiving this mail because:
You are watching all bug changes.

Reply via email to